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DETAILED ACTION 

1. Claims 1-42 remains rejected. Claims 1-42 have been rejected under 35 U.S.C. 102(e). 

2. This is a FINAL rejection. 



Claim Rejections - 35 USC S 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 (AIPA) 
and the Intellectual Property and High Technology Technical Amendments Act of 2002 do not apply 
when the reference is a U.S. patent resulting directly or indirectly from an international application filed 
before November 29, 2000. Therefore, the prior art date of the reference is determined under 35 U.S.C. 
102(e) prior to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

3. Claims 1-42 are rejected under 35 U.S.C. 102(e) as being anticipated by Garg, Et Al. 
(US 6,625,603). 
As per claim 1 : 

Garg discloses a storage system comprising: 

a first storage area having an object stored therein; and [see FIG.3A] 
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a second storage area having stored therein an object identifier that identifies the object, 
wherein the object identifier is unique within and outside of the storage system, [see col.7, lines 
5-6 and col.8, lines 10-15] 

As per claim 2: Garg discloses the object identifier is a Universal Unique Identifier 
(UUID). 

[see col.8, lines 10-13] 

As per claim 3: Garg discloses the first and second storage areas are storage areas within a 
database, [see col.5, lines 20-34] 

As per claim 4: Garg discloses the object identifier is a Universal Unique Identifier 
(UUID). [see coL8, lines 10-13] 

As per claim 5: Garg discloses the storage system is part of an access control system, 
[see col.6, line 60 - col.7, line 46] 

As per claim 6: 

Garg discloses a memory comprising: 

a first storage area having an object stored therein; and [see FIG.3A] 

a second storage area having stored therein an object identifier that identifies the object, 

wherein the object identifier is unique within and outside of the storage system, [see col.7, lines 

5-6 and col.8, lines 10-15] 

As per claim 7: Garg discloses the object identifier is a Universal Unique Identifier 
(UUID). [see col.8, lines 1-13] 

As per claim 8: Garg discloses the first and second storage areas are storage areas within a 
database, [see FIG.3A and col.5, lines 20-34] 
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As per claim 9: Garg discloses the object identifier is a Universal Unique Identifier 
(UUID). [see col.8, lines 1-13] 

As per claim 10: 

Garg discloses a method of storing information in a storage system, comprising: 
storing an object in the storage system; and [see FIG.3A] 

storing an object identifier in the storage system, wherein the object identifier identifies 
the object, and the object identifier is unique within and outside of the storage system, [see col.7, 
lines 5-6 and col.8, lines 10-15] 

As per claim 11: as rejected on the same rationale as applied in claim 2. 

As per claim 12: Garg teaches the object identifier is stored in a database, [see FIG.2 and 

col.6, line 66 - col.7, line 5] 

As per claim 13: as rejected on the same rationale as applied in claim 12. 

As per claim 14: Garg discloses the object identifier is a Universal Unique Identifier 

(UUID). [see col.8, lines 1-13] 

As per claim 15: Garg discloses the object identifier is a Universal Unique Identifier 
(UUID). [see col.8, lines 1-13] 

As per claim 16: Garg discloses the storage system is part of an access control system, [see 
col.6, line 60 - col.7, line 46] 

As per claim 17: 

Garg discloses an access control method comprising: 



Application/ Control Number: 09/465,514 Page 5 

Art Unit: 2135 

requesting access for a user to a remote resource [see col.5 lines 48-50], wherein the 
request includes a subject identifier [see col.2, lines 19-49] for use in making an access control 
decision [see col.7, lines 26-39], and wherein the subject identifier [see col. 12, lines 61-67] is unique 
within and outside of the remote resource and identifies the user, [see col.13, lines 3-19 and 
col.14, lines 50-54] 

As per claim 18: Garg discloses the subject identifier is a Universal Unique Identifier 
(UUID). [see col.2, lines 19-49 and col.12, lines 61-67] 

As per claim 19: Garg discusses the request further includes a subject descriptor for use in 
the access control decision, [see col.8, lines 23-43] 

As per claim 20: Garg discusses the subject descriptor is a UUID for an organizational 
structure that includes the user, [col.8, lines 23-47 and col.9, lines 5-12] 

As per claim 21 : Garg discusses the access control decision is made by a resource manager 
that protects the remote resource [see col.7, lines 7-20], and the request is sent over a 
communications path considered safe by the protecting resource manager and the user, [see col.7, 
lines 26-29 and col.8, lines 23-44] 

As per claim 22: 

Garg discloses a computer-readable medium having computer-executable code stored thereon 
comprising: 

requesting access for a user to a remote resource [see col.5, lines 48-50], wherein the 
request includes a subject identifier for use in making an access control decision [see col.7, lines 
26-39], and wherein the subject identifier [see col.12, lines 61-67] is unique within and outside of 
the remote resource and identifies the user, [see col.13, lines 3-19 and col.14, lines 50-54] 



Application/ Control Number: 09/465,514 
Art Unit: 2135 



Page 6 



As per claim 23: as rejected on the same rationale as applied in claim 18. 
As per claim 24: 

Garg discloses a method of identifying a user requesting access to an object, comprising: 

establishing a secure communication path between a reference monitor protecting the 
object and a resource manager [see col.7, lines 7-25] having information describing the user, in 
response to a request by the user to access the object; [see col.8, lines 1-43] 

sending a request for user information from the protecting reference monitor to the 
resource manager [see coL7, lines 26-39], the request including a subject descriptor for the user 
[see col.8, lines 23-43 and col.13, line 42 - col.14, line 30], wherein the subject identifier is a 
Universal Unique Identifier (UUID). [see col.13, lines 3-19 and col.14, lines 50-54] 
[see col.7 lines 30-35] 
As per claim 25: 

Garg discloses determining, based on the received user information, if the user has permission to 
access the request object, [see col.8 lines 45-53] 
As per claim 26: 

Garg discloses the user information includes information relating to an organization of which the 
user is member, [see col.14 lines 50-54] 

As per claim 27: 

Garg discloses an information storage management system, comprising: 
a collection of stored objects; [see col.8, lines 11-14] 
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an access control unit for determining if a requestor is authorized to access a protected 
object stored in the collection; [see col.7 lines 26-39] 

a resource manager connected to the access control unit and to a communication channel; 
[see FTG.3A] 

wherein the resource manager receives a user's request for access to the protected object, 
the request including a globally unique identifier for the user requesting the access [see col.8, lines 
44-50], and in response to the user's request the resource manager sends over the 
communications channel [see col.4, lines 45 - col.6, line 25] to an external storage management 
system a request for information about the user [see col.7 lines 40-60], the request including the 
globally unique identifier; and [see col.13, lines 3-19 and col.14, lines 50-54] 

wherein the resource manager upon receiving a response including user information 
about the user passes the user information [see col.13, line 42 - col.14, line 30]to the access control 
unit [see col.7 lines 6-60]; and based on the user information the access control unit determines 
whether to grant the subject access to the protected object, [see col.14, lines 13-30] 
As per claim 28: Garg discloses the globally unique identifier is a Universal Unique Identifier 
(UUID). [see col.8, lines 1-13] 

As per claim 29: Garg discloses the user information is organization information indicating 
whether the user is a member of an organization, [see col.14 lines 50-54] 

As per claim 30: 

Garg discloses an information storage management system, comprising: 
a collection of stored objects; [see col.8, lines 11-14] 
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an access control unit for determining if a requestor is authorized to access a protected 
object stored in the collection; [see col.7 lines 26-39] 

a resource manager connected to the access control unit and to a communication channel; 
[see col.7, lines 6-60 and FIG3A] 

wherein the resource manager receives a user's request for access to the protected object, 
the request including a globally unique identifier for the user requesting the access [see col.8, lines 
1-13], and in response to the user's request the resource manager resolves the globally unique 
identifier to a user identifier recognized by an external storage management system [see col.7 
lines 40-60]; the resource manager sending to the external storage management system a request 
for information about the user, the request including the resolved user identifier; and [see col.9, 
lines 10 thru col.ll, line 66] 

wherein the resource manager upon receiving a response including user information 
about the user passes the user information [see col.8, lines 23-43] to the access control unit [see 
col.7, lines 6-60]; and based on the user information the access control unit determines whether to 
grant the subject access to the protected object, [see col.15, lines 39-54] 

As per claim 3 1 : Garg discloses the globally unique identifier is a Universal Unique Identifier 
(UUID). [see col.13, lines 3-19 and coL14, lines 50-54] 

As per claim 32: Garg discloses the user information is organization information indicating 
whether the user is a member of an organization, [see col.14 lines 50-54] 

As per claim 33: Garg discloses the resource manager resolves the globally unique identifier by 
using a name server, [see col.6, lines 46-53] 
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As per claim 34: 

Garg discloses a method of accessing a protected object, comprising: 

sending a globally unique identifier for a user to a name resolving device, and receiving 
therefrom information about the user; and [see col.13, lines 3-67] 

sending to a storage management system containing an object a request for access to the 
object, the request including the information about the user, 
[see coL7 lines 26-39 and col.14, lines 1-15] 

As per claim 35 : as rejected on the same rationale as applied in claim 3 1 . 
As per claim 36: 

Garg discloses a computer-readable medium of computer-executable code for accessing a 
protected object, comprising: 

a first set of computer instructions for sending a globally unique identifier for a user [see 
coL13, lines 3-19 and col.14, lines 50-54] to a name resolving device, and receiving therefrom 
information about the user; and [see col.8, lines 23-43 and col.15, lines 1-53] 

a second set of computer instructions for sending to a storage management system 
containing an object a request for access to the object [see col.7 lines 26-39], the request including 
the information about the user, [see col.13, line 12 - col.14, line 30] 
As per claim 37: as rejected on the same rationale as applied in claim 3 1 . 

As per claim 38: The storage system of claim 1, wherein the object is a database record 
describing a user, [see col.8 lines 5-36] 
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As per claim 39: The memory of claim 6, wherein the object is a database record describing a 
user, [see coL8 lines 5-36] 

As per claim 40: The method of claim 10, wherein the object is a database record describing a 
user, [see coL8 lines 5-36] 

As per claim 41: The access control method of claim 17, wherein the subject identifier 
identifies a database record describing the user [see col.8 lines 5-36], and the database record is 
stored on a local resource physically separate from the remote resource, [see col.7 lines 57-61] 
As per claim 42: The access control method of claim 22, wherein the subject identifier 
identifies a database record describing the user [see col.8 lines 5-36], and the database record is 
stored on a local resource physically separate from the remote resource, [see col.7 lines 57-61] 



EXAMINER'S ARGUMENT 



4. Applicant's arguments filed March 14, 2005 have been fully 
considered but they are not persuasive. 

The last rejection that was sent out January 13, 2005 was mistakenly made a Final 
rejection. Therefore the Examiner takes Applicant's response (March 14, 2005) as responding to 
a Non-Final rejection, hence, this rejection is now a Final rejection for the Examiner maintains 
the rejection in view of Garg, et al. 
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Garg also discloses GroupID which is an user identifier indicating that the user is a 
member of along with other users that has the similar access rights to the system (col. 12, lines 
61-67 and col. 14, lines 50-54. The GUIDs of Garg has met the claimed limitations of claims 1- 
16, wherein the claim language states solely the "object" identifier and not limited to a "user". 
Further, the GroupID of Garg identifies the user which meets the claim language of claims 17- 
36, which states a subject identifier that identifies the "user". There is also arguments of Garg 
failing to disclose identifiers that are "unique" or "globally unique identifier", however, is taught 
by Garg a "Globally Unique Identifier (GUID)" (col.6, lines 65-66). Applicant utilizing the term 
"unique" is broad and fails to show how unique an identifier can be, hence, "Globally Unique 
Identifier" speaks for itself that it is an identification that is uniquely used globally. GUID does 
not differentiate whether it is unique only to one system and not the other or not unique across 
different systems for the term "globally" is inherently known in the art and does not narrow 
down to only one system. 

In addition, Garg discusses that the invention may be used in a distributed computing 
environment where tasks are performed remotely linked through a communications network 
(col.4, lines 45-67 and col.6, lines 14-24) and Garg also indicates that it is known in the prior art 
for multi-user computer systems and systems connected to a multi-user network of computers 
require the ability to control and restrict access (col.l, lines 31-33 and col.2, lines 20-43). 
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Conclusion 

5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the 
advisory action. In no event, however, will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to LEYNNA T. HA whose telephone number is (571) 272-3851. 
The examiner can normally be reached on Monday - Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



